cve/CVE-2024-8966.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

1.2 KiB

Raw Permalink Blame History

CVE-2024-8966

Description

A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append a large number of characters to the end of a multipart boundary, causing the system to continuously process each character and issue warnings. This can render Gradio inaccessible for extended periods, disrupting services and causing significant downtime.

POC

Reference

No PoCs from references.

Github

https://github.com/Alan-xh/video_search_and_summarization
https://github.com/NVIDIA-AI-Blueprints/video-search-and-summarization
https://github.com/franzheffa/video-search-and-summarization-viize
https://github.com/gil-feldman-glidetalk/video-search-and-summarization
https://github.com/omarubilla/vss
https://github.com/rmkraus/video-search-and-summarization

1.2 KiB Raw Permalink Blame History

CVE-2024-8966

Description

POC

Reference

Github

1.2 KiB

Raw Permalink Blame History